updating formatting and adding lifecycle parameter

chelseybeck · chelseybeck · commit 3784b59a5729 · 2024-02-02T09:57:24.000-08:00
diff --git a/.gitignore b/.gitignore
@@ -7,11 +7,12 @@
 # Ignore override files
 *.tfoverride
 
-
-
 # Ignore environment-specific files
 .envrc
 
 # Ignore CLI configuration files
 .terraformrc
-terraform.rc
+terraform.rc
+
+# Ignore metadata files
+*.tfstate.lock.info
diff --git a/terraform/aws-users.tf b/terraform/aws-users.tf
@@ -1,3 +1,4 @@
+// Create user and assign to group(s)
 module "iam_user_gwenstacy" {
   source = "./modules/aws-users"
 
diff --git a/terraform/backend.tf b/terraform/backend.tf
@@ -1,9 +1,9 @@
 terraform {
   backend "s3" {
-    bucket         = "hfla-ops-terraform-state"          # Replace with S3 bucket name
-    key            = "devops-security/terraform.tfstate" # Path to the state file within the bucket
-    region         = "us-west-2"                         # AWS region of the S3 bucket
-    dynamodb_table = "hfla_ops_terraform_table"          # DynamoDB table name for state locking
+    bucket         = "hfla-ops-terraform-state"
+    key            = "devops-security/terraform.tfstate"
+    region         = "us-west-2"
+    dynamodb_table = "hfla_ops_terraform_table"
     encrypt        = true
   }
 }
diff --git a/terraform/modules/aws-groups/main.tf b/terraform/modules/aws-groups/main.tf
@@ -5,7 +5,6 @@ resource "aws_iam_group" "group" {
   path = var.group_path
 }
 
-# Attaching policies to the group
 resource "aws_iam_group_policy_attachment" "group_policy_attachment" {
   for_each   = toset(var.policy_arn)
   group      = aws_iam_group.group.name
diff --git a/terraform/modules/aws-groups/variables.tf b/terraform/modules/aws-groups/variables.tf
@@ -15,8 +15,3 @@ variable "policy_arn" {
   description = "List of policy ARNs to attach to the group"
   type        = list(string)
 }
-
-# variable "policy_arns" {
-#   description = "List of policy ARNs to attach to the group"
-#   type        = list(string)
-# }
diff --git a/terraform/modules/aws-users/.terraform.lock.hcl b/terraform/modules/aws-users/.terraform.lock.hcl
diff --git a/terraform/modules/aws-users/main.tf b/terraform/modules/aws-users/main.tf
@@ -7,13 +7,17 @@ resource "aws_iam_user" "user" {
   tags = var.user_tags
 }
 
-# Example of creating a login profile for the user (if needed)
 resource "aws_iam_user_login_profile" "user_login" {
-  user    = aws_iam_user.user.name
-  #pgp_key = var.pgp_key
+  user = aws_iam_user.user.name
 
   password_reset_required = true
   depends_on              = [aws_iam_user.user]
+
+  lifecycle {
+    ignore_changes = [
+      password_reset_required,
+    ]
+  }
 }
 
 resource "aws_iam_user_group_membership" "user_group_membership" {
diff --git a/terraform/modules/aws-users/outputs.tf b/terraform/modules/aws-users/outputs.tf
@@ -1,11 +1,11 @@
 # users/outputs.tf
 
 output "user_name" {
-  value = aws_iam_user.user.name
+  value       = aws_iam_user.user.name
   description = "The name of the IAM user"
 }
 
 output "user_arn" {
-  value = aws_iam_user.user.arn
+  value       = aws_iam_user.user.arn
   description = "The ARN of the IAM user"
 }
diff --git a/terraform/modules/aws-users/terraform.tfstate b/terraform/modules/aws-users/terraform.tfstate

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,4 @@`
	`1`	`+// Create user and assign to group(s)`
`1`	`2`	`module "iam_user_gwenstacy" {`
`2`	`3`	`source = "./modules/aws-users"`
`3`	`4`
Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,9 @@`
`1`	`1`	`terraform {`
`2`	`2`	`backend "s3" {`
`3`		`- bucket = "hfla-ops-terraform-state" # Replace with S3 bucket name`
`4`		`- key = "devops-security/terraform.tfstate" # Path to the state file within the bucket`
`5`		`- region = "us-west-2" # AWS region of the S3 bucket`
`6`		`- dynamodb_table = "hfla_ops_terraform_table" # DynamoDB table name for state locking`
	`3`	`+ bucket = "hfla-ops-terraform-state"`
	`4`	`+ key = "devops-security/terraform.tfstate"`
	`5`	`+ region = "us-west-2"`
	`6`	`+ dynamodb_table = "hfla_ops_terraform_table"`
`7`	`7`	`encrypt = true`
`8`	`8`	`}`
`9`	`9`	`}`
Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,6 @@ resource "aws_iam_group" "group" {`
`5`	`5`	`path = var.group_path`
`6`	`6`	`}`
`7`	`7`
`8`		`-# Attaching policies to the group`
`9`	`8`	`resource "aws_iam_group_policy_attachment" "group_policy_attachment" {`
`10`	`9`	`for_each = toset(var.policy_arn)`
`11`	`10`	`group = aws_iam_group.group.name`
Original file line number	Diff line number	Diff line change
`@@ -15,8 +15,3 @@ variable "policy_arn" {`
`15`	`15`	`description = "List of policy ARNs to attach to the group"`
`16`	`16`	`type = list(string)`
`17`	`17`	`}`
`18`		`-`
`19`		`-# variable "policy_arns" {`
`20`		`-# description = "List of policy ARNs to attach to the group"`
`21`		`-# type = list(string)`
`22`		`-# }`
Original file line number	Diff line number	Diff line change
`@@ -1,11 +1,11 @@`
`1`	`1`	`# users/outputs.tf`
`2`	`2`
`3`	`3`	`output "user_name" {`
`4`		`- value = aws_iam_user.user.name`
	`4`	`+ value = aws_iam_user.user.name`
`5`	`5`	`description = "The name of the IAM user"`
`6`	`6`	`}`
`7`	`7`
`8`	`8`	`output "user_arn" {`
`9`		`- value = aws_iam_user.user.arn`
	`9`	`+ value = aws_iam_user.user.arn`
`10`	`10`	`description = "The ARN of the IAM user"`
`11`	`11`	`}`